If I read the text in the concluding dialog box of CWShredder (and on the Merijn webpage itself) correctly, the problem here is only for folks who haven’t patched their MS VM machine since the key vulnerability was identified (and patched) April 2003 (the ByteVerifier patch).

I’m not sure it’s appropriate for MS to taken to task now for folks who haven’t patched something that’s been a known danger for over a year.  (Certainly there are plenty of other things to take them to task about, to be sure.)

I generally don’t mess with the girlfriend’s computer (unless she specifically asks me to); since it’s got anti-virus, pop-up blocker and firewall installed.  But tonight, I think I’ll definitely be kicking her off of it, installing Firefox and hiding every trace of IE from her that I can.

captcha = world

I personally don’t use CWshredder anymore.  I boot into safe mode, go into view and unhide everything possible, and then start searching for executables that have installed in the past week/month.  If you kill off weird .exe, .dll, .com and .bat files, you’ll kill almost all hijackers.  (Very important to unhide protected system files first, though.)

Then start up in normal mode, go into IE options BEFORE starting IE, fix the startup page, and you’re good to go.

I’ve managed to kill off everything using this method.

Not for the faint of heart, though.  You need to be careful that you don’t blow up anything legitimate.

The handwriting has been on the wall for a while and I finally got off my lazy but and installed FireFox today. Are there any ‘must have’ add-ins that I need to get? 

Thanks Bill for making me yearn for the days of ‘Geoworks Ensemble’.

captcha = ‘policy’ haha IE could use some

I’d say the #1 must have for Mozilla/Firefox would be Adblock.  It’s so nice to surf the web without ads & pop-ups.  :D

Some of the other add-ons that I like are:
EditCSS
MozCC
Enigmail (e-mail add-on, so Mozilla or maybe Thunderbird but not Firefox)

Other than that, it kind of depends on what you want.  Check the Active Project page for more add-ons than you can shake a stick at.

captcha = “then”

I installed Firefox about a week ago and I am having a bit of difficulty installing java for it.  I have tried the methods described on one of the help sites except for installing the ‘unoficial’ installer.  I actually downloaded NSIS but I have no clue how to write an install script for it.

Can anybody tell me how install java for Firefox?  All help is greatly appreciated.

Ok, big hint to prevent popups, etc for IE. Now, this =DOES= disable the functionality for certain websites filled with extra garbage no one really needs, but the webmaster insisted on putting in…

Under the Security Tab in Internet Options, click on Custom Level, disable all Active X, disable scripting and disable Java Scripting. Hit OK, then restart the browser. This kills any and all popups, alot of redirects, and all of those nasty ad scripts built into the urls and page code. Now, remember, you have to turn on all 3 to access the Windows Update website.

That’s the paradox of IE: to make it “safe” you have to disable the very features that allow Windoze update to work, which is essential to keeping a safe system.  Geeks will go through disable/enable/re-enable but most users will not, resulting in less safety on networks.  Gee!

Windows update is the only thing I use IE for.  Everything else: Mozilla.  Only a little bit because of its improved safety, but mostly because I’m really addicted to tabbed browsing - and blocking popups is as simple as clicking “block unrequested popups.”

Capcha: “average” - as in the kind of user applications have to take into consideration.

Oh I totally agree, right now I am using IE to view this site though as I have just completed a fresh format and reinstall of the OS and was too lazy to install Mozilla again right now. But of course it will be on my system again shortly as I also love tabbed browsing and the faster response times of page loading, etc.

An excellent tool for tweaking Windoze XP that I recommend is TweakXP Pro by Totalidea Software, tons of CPU, File System, OS, IE, Outlook and Outlook Express, etc tweaks for the average and pro user. I happily customized my IE browser bar to say Internet Explorer Sucks instead of the normal boring title

I can customize the browser bar with TweakXP Pro?  (Voice of Will Smith from Independence Day) “Man, I have GOT to get me one of these!”

Browser bar: “Internet Explorer Malware Platform”

DOF, if you want to change the titlebar in IE you could just hack the registry:

Using Registry Editor, add a String value named Window Title to the following key in the registry:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main

The data value is the title you want to appear on the Internet Explorer window.

Hey, Les, ever thought you’d be on the same side as the Department of Homeland Security on anything?

The Department of Homeland Security’s U.S. Computer Emergency Readiness Team touched off a storm this week when it recommended for security reasons using browsers other than Microsoft Corp.’s Internet Explorer.

Swell.

Wow! I’m as shocked as you are.

Next thing you know they’ll be advising folks to play more video games.

And they should, since it is scientific fact that video games improve reasoning abilities, quick thinking, and hand-eye coordination. Viva la games!

On a side note, yes, you can do the registry hack, but why bother doing only one thing when you can use a nice program to do it for you, and do all kinds of other neat things too

Next thing you know they’ll be advising folks to play more video games

They are!

Yes, but everyone knows that game is just a cheap recruitment toy for the meatgrinder known as the US Army

America’s Army!  *gag*

(me coughs up something far too nasty to swallow and then spits it under the nearest patch of shrubbery)

Leave it to the military to take something as pure and delightful as the Unreal engine, that sublime source of adrenaline jitter fast-twitch fragfest fantasy, and transform it into an overly realistic recruiting tool.

If you can’t “reach out and touch” someone with the laser gun, then switch to the mini to finish them off, well. . .  what’s the point of playing?

If the military really wanted to recruit me, they’d have to institute “force respawn” on all their servers.

Yes, but everyone knows that game is just a cheap recruitment toy for the meatgrinder known as the US Army

I bet it wasn’t cheap - you and I probably paid top dollar for it.  Sleazy, yes; underhanded and cynical; absolutely.  But not cheap.  ($100 for a toilet seat - how much to develop a video game?)

JYNXD, I agree about using a program instead of the registry hack - I’m just clumsy enough to make editing the registry for entertainment inadvisable.

Capcha: “usually” as in I’m usually clumsy but do have occasional moments of apparent brilliance.

Yeah, I know what you mean about being clumsy, although I do tend to manually edit my registry with wild abandon when I learn of a new tweak or hack that isn’t already covered by a program

On a side note, I happen to use Protowall, The Blocklist Manager, Peerguardian, Spybot S&D 1.3, Ad-Aware Pro 1.81, AVG, and Spyware Blaster to great effect at prefenting malware like CWS from even getting on my computer to begin with. Script Sentry from Gibson Research is another very handy tool that prevents browser based scripts from executing and making changes to your browser among other things.

Gah, I misspelled preventing, now I must perish in the limbo of poor spelling Purgatory :/ This is what I get for typing after I have just woken up